InfoSec News 20250214

  • Published: Fri, 14/02/2025 - 14:38

Top News


  • whoAMI attacks give hackers code execution on Amazon EC2 instances

"Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name."

TLP¹: Green

  • Fake BSOD Attack Launched via Malicious Python Script

"A peculiar malicious Python script has surfaced, employing an unusual and amusing anti-analysis trick to mimic a fake Blue Screen of Death (BSOD)."

TLP¹: Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster

"The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform."

TLP¹: Green

  • Chinese hackers breach more US telecoms via unpatched Cisco routers

"China's Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices."

TLP¹: Green

Breaches: Data Breaches and Hacks


  • Zacks Investment hit in data breach - 12 million users potentially at risk

"Investment research firm allegedly suffers new cyberattack"

TLP¹: Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation

"Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to a chain of attacks against a BeyondTrust Remote Support product."

TLP¹: Green

  • AMD Ryzen Master Utility Vulnerable to DLL Hijacking (CVE-2024-21966)

"A newly discovered vulnerability in the AMD Ryzen Master Utility could allow attackers to escalate privileges and potentially execute arbitrary code on affected systems."

TLP¹: Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • AI-Powered Social Engineering: Ancillary Tools and Techniques

"Social engineering is advancing fast, at the speed of generative AI. This is offering bad actors multiple new tools and techniques for researching, scoping, and exploiting organizations. In a recent communication, the FBI pointed out: 'As technology continues to evolve, so do cybercriminals' tactics.'"

TLP¹: Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • macOS Security Breach: CVE-2024-54531 PoC Published, Attackers Can Bypass KASLR

"Security researchers from Korea University have unveiled an attack that successfully bypasses Kernel Address Space Layout Randomization (KASLR) on macOS running on Apple Silicon processors."

TLP¹: Green

 

 

¹ Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp